[composer-php] Composer: how can I install another dependency without updating old ones?

I have a project with a few dependencies and I'd like to install another one, but I'd like to keep the others the way they are. So I've edited the composer.json, but if I run composer install, I get the following output:

Installing dependencies from lock file
Warning: The lock file is not up to date with the latest changes in composer.json. You may be getting outdated dependencies. Run update to update them.
Your requirements could not be resolved to an installable set of packages.

Problem 1
    - laravel/framework dev-master requires ext-mcrypt * -> the requested PHP extension mcrypt is missing from your system.
    - laravel/framework dev-master requires ext-mcrypt * -> the requested PHP extension mcrypt is missing from your system.
    - Installation request for laravel/framework dev-master -> satisfiable by laravel/framework dev-master.

First of all, I do have mcrypt installed, so I don't know why it's complaining about that there.

So, how can I install this new dependency?

My composer.json:

{
    "require": {

        "opauth/opauth": "*",
        "opauth/facebook": "*",
        "opauth/google": "*",
        "opauth/twitter": "*",

        "imagine/Imagine": "dev-develop",

        "laravel/framework": "4.*",
        "loic-sharma/profiler": "dev-master"
    },
    "autoload": {
        "classmap": [
            "app/libraries",
            "app/commands",
            "app/controllers",
            "app/models",
            "app/database/migrations",
            "app/tests/TestCase.php"
        ]
    },
    "minimum-stability": "dev"
}

The answer is


Actually, the correct solution is:

composer require vendor/package

Taken from the CLI documentation for Composer:

The require command adds new packages to the composer.json file from the current directory.

php composer.phar require

After adding/changing the requirements, the modified requirements will be installed or updated.

If you do not want to choose requirements interactively, you can just pass them to the command.

php composer.phar require vendor/package:2.* vendor/package2:dev-master

While it is true that composer update installs new packages found in composer.json, it will also update the composer.lock file and any installed packages according to any fuzzy logic (> or * chars after the colons) found in composer.json! This can be avoided by using composer update vendor/package, but I wouldn't recommend making a habit of it, as you're one forgotten argument away from a potentially broken project…

Keep things sane and stick with composer require vendor/package for adding new dependencies!


My use case is simpler, and fits simply your title but not your further detail.

That is, I want to install a new package which is not yet in my composer.json without updating all the other packages.

The solution here is composer require x/y


In my case, I had a repo with:

  • requirements A,B,C,D in .json
  • but only A,B,C in the .lock

In the meantime, A,B,C had newer versions with respect to when the lock was generated.

For some reason, I deleted the "vendors" and wanted to do a composer install, and it failed with the message:

Warning: The lock file is not up to date with the latest changes in composer.json.
You may be getting outdated dependencies. Run update to update them.
Your requirements could not be resolved to an installable set of packages.

I tried to run the solution from Seldaek, issuing a composer update vendorD/libraryD, but composer insisted on updating more things, so the .lock had too many changes, as seen in my git tool.

The solution I used was:

  1. Delete all the vendors dir.
  2. Temporarily remove the requirement VendorD/LibraryD from the .json.
  3. Run composer install.
  4. Then delete the file .json and check it out again from the repo (equivalent to re-adding the file, but avoiding potential whitespace changes).
  5. Then run Seldaek's solution composer update vendorD/libraryD

It did install the library, but in addition, git diff showed me that in the .lock only the new things were added without editing the other ones.

(Thanks Seldaek for the pointer ;) )
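
The git diff check described in the last answer can be automated. The script below is an added example, not code from any of the answers or from Composer: it compares two parsed composer.lock files and reports which packages were added, removed, or moved, including a dev-master pin whose version string stays the same while its commit reference changes. The function names, the sample locks, and their versions and references are constructed for illustration.

```python
import json
import sys

def index_lock(lock):
    """Map package name -> (version, source ref, dist ref) for a parsed composer.lock."""
    pkgs = {}
    for section in ("packages", "packages-dev"):
        for p in lock.get(section) or []:
            pkgs[p["name"].lower()] = (
                p.get("version"),
                (p.get("source") or {}).get("reference"),
                (p.get("dist") or {}).get("reference"),
            )
    return pkgs

def diff_locks(old, new):
    """Return sorted (added, removed, changed) package names between two locks."""
    a, b = index_lock(old), index_lock(new)
    added = sorted(b.keys() - a.keys())
    removed = sorted(a.keys() - b.keys())
    # A dev-master pin keeps its version string; only the commit reference moves.
    changed = sorted(n for n in a.keys() & b.keys() if a[n] != b[n])
    return added, removed, changed

def is_pure_addition(old, new, wanted):
    """True if `wanted` was added and no previously locked package moved or vanished."""
    added, removed, changed = diff_locks(old, new)
    return wanted.lower() in added and not removed and not changed

def pkg(name, version, ref):
    # Helper for the constructed sample data below.
    return {"name": name, "version": version, "source": {"reference": ref}}

# Constructed sample locks (versions and references are made up).
BEFORE = {"packages": [pkg("laravel/framework", "v4.0.0", "ref-a1"),
                       pkg("loic-sharma/profiler", "dev-master", "ref-b1")]}
GOOD = {"packages": BEFORE["packages"] + [pkg("vendord/libraryd", "1.0.0", "ref-d1")]}
DRIFTED = {"packages": [pkg("laravel/framework", "v4.0.0", "ref-a1"),
                        pkg("loic-sharma/profiler", "dev-master", "ref-b2"),
                        pkg("vendord/libraryd", "1.0.0", "ref-d1")]}

if __name__ == "__main__":
    if len(sys.argv) == 3:  # usage: script.py old.lock new.lock
        old, new = (json.load(open(p)) for p in sys.argv[1:3])
    else:
        old, new = BEFORE, DRIFTED
    for label, names in zip(("added", "removed", "changed"), diff_locks(old, new)):
        print(f"{label}: {', '.join(names) or '-'}")
```

Pass it the committed lock (for example the output of git show HEAD:composer.lock saved to a file) and the working-copy composer.lock. Transitive dependencies of the new package show up under "added", so the thing to review is anything listed as "removed" or "changed".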